With this week being Fraud Awareness Week, here are my five top tips to remember when handling digital evidence:
- Do NOT turn on the device;
- If a computer is on, if possible, forensically capture any live volatile data and then turn it off directly at the power switch. Do not use the shutdown command. If a server is on, power it down. Likewise, for mobile devices, if passcodes etc have been successfully obtained, remove the battery, if possible or do a full shutdown;
- Freeze the scene and ensure that the computer/device and any digital media is securely stored so that it can be forensically captured;
- Try and identify the user, other potential media and any other relevant information;
- Call in an expert.
International Fraud Awareness Week, or Fraud Week, was established by the Association of Certified Fraud Examiners (ACFE) in 2000 as a dedicated time to raise awareness about fraud. The week-long campaign encourages business leaders and employees to proactively take steps to minimize the impact of fraud by promoting anti-fraud awareness and education. Organizations and individuals are encouraged to register as Official Supporters prior to International Fraud Awareness Week, and to host training opportunities, distribute anti-fraud information or otherwise promote anti-fraud activities during the week.